Here's what we know and how you can protect yourself.
The way this has been happening to people starts with getting their phones stolen.
The process typically starts with thieves targeting public places like bars and clubs, where they look for iPhone users entering their passcodes without much attention. After identifying a potential victim, the thief steals their phone. Once the phone is stolen, the thief proceeds to lock the owner out of their device permanently.
Once they enter in the owner's passcode, the thief can change any setting they want, including what is known as a "recovery key." This is an optional feature that Apple introduced back in 2020, and it is meant to protect users from online hackers. However, the feature has made it significantly easier for thieves to take over a person's phone with no way of getting it back.
It's all about the recovery key.
The recovery key is a unique 28-digit code that you can turn on within your Settings app. You can use it to help reset your password or regain access to your Apple ID by contacting Apple. Apple will send you a verification code to your phone number and then will ask for your recovery key code.
However, you need to have access to your iPhone to get that recovery key code, and if a thief gets ahold of your iPhone and has your passcode to get in, they can turn on your recovery key and lock you out of getting your data back. Even if you already have a recovery key in place on your iPhone, they can reset it and make a new one.
This is the million-dollar question and one that doesn't have a clear answer. For some reason, Apple doesn't have any other way for people to prove their account ownership, which is quite shocking, considering that it is such a big tech company. At the time of publishing, Apple had not responded to our requests for guidance to address this deeply concerning threat.
Lots of other companies, like Uber, LinkedIn and more, have unique measures in place, such as uploading video selfies or even driver's licenses and passports to help a person verify themselves. Considering the number of people who have reached out to Apple and complained about this policy, hopefully, the tech giant will come up with an alternative soon.
For now, there are a few measures you can take to protect yourself from getting permanently locked out of your account.
If you have a simple passcode, such as your birthday or even something like 123456, you should change it. Having an alphanumeric passcode is a great way to complicate your password more and prevent hackers from guessing it, because it uses both letters and numbers. Here's how to set it up.
Face ID is a great way to guarantee that a thief cannot get into your phone. Always opt to use Face ID first, and only use your passcode when you absolutely have to. Here's how to set up Face ID on your iPhone.
Parental controls are typically used when a parent wants to control their child's screen time. However, you can also use it as an extra security measure for yourself by setting a specific screen time passcode (which should be different from your regular iPhone passcode). This will prevent people from accessing certain apps on your phone, even if they have your passcode. Here's how to set it up:
Have you ever had your devices stolen like this? Let us know at CyberGuy.com/contact.
For more of my tips, subscribe to my free CyberGuy Report Newsletter by heading to CyberGuy.com/Newsletter.
Copyright 2023 CyberGuy.com. All rights reserved.